Our privacy obligations
The National Indigenous Australians Agency (NIAA) must keep your personal information safe.
Our Privacy Policy explains:
- what personal and sensitive information we collect
- why we collect it
- how we use it
- how you can access or correct your personal information
- how to make a privacy complaint and what we will do with your complaint.
What we collect
We collect your personal information. This is any information or opinion about an individual we can identify. We may collect your:
- name
- address
- date of birth
- phone number
- emergency contact information
- employment information (including referee comments)
- education status
- financial information
- gender
- signatures
- government IDs (like tax file number and Centrelink Customer Reference Number)
- citizenship and visa status
- information about how you interact with us
- information about your family and other related persons, including nominees
- opinions, feedback, and commentary
- passport, drivers licence, and travel movements
- conflict of interest declarations
- working with children / vulnerable people check information.
We may collect your sensitive information. This is a special type of personal information. It includes your:
- health information
- information about you being a part of a political group, a professional or trade group or a workers' union
- information about your ancestors
- recordings of you (like voice a recording)
- race or ethnicity information
- sexual orientation
- what you believe about religion, politics, life and the world
- criminal record.
We also collect sensitive information about how Aboriginal and Torres Strait Islander peoples were separated from their families and communities (for things like the Territories Stolen Generations Redress Scheme).
How we collect information
We collect personal information:
- from you
- from your representative
- from a third party (if allowed by law)
We will only collect sensitive information if:
- you agree
- we have to by law
- the Privacy Act allows us.
We collect your information through:
- surveys, grants, and funding we provide
- emails, phone calls and letters / mail
- forms (including surveys) or notices
- complaints
- consultations
- events
- online portals
- our website and social media.
Why we collect your information
The NIAA collects your personal information to help us:
- create and deliver services for Aboriginal and Torres Strait Islander peoples
- plan and manage remote employment services
- run our programs and grants
- decide if you qualify for a program
- develop policies
- research, monitor and evaluate our programs and policies
- help with your application
- check your identity
- give advice to the Prime Minister and the Minister for Indigenous Australians
- work on Closing the Gap
- recruit and communicate with staff and keep them safe
- make sure NIAA fulfils its obligations as an employer and an Agency
- promote reconciliation
- investigate fraud and do audits
- deal with complaints and questions
- invite you to give feedback or join consultations
- send you updates if you subscribe to our services
- organise events, visits and community meetings
- help during emergencies or disasters
- make sure the NIAA follows the law and administrative rules
- respond to requests under the Freedom of Information Act 1982
- investigate low aromatic fuel issues
- respond to letters from people and other government agencies or Ministers.
How we protect your information
We take steps to keep your personal information safe. We:
- sort and keep records safely following Australian government security rules, including the Protective Security Policy Framework
- only allow approved people to see information if they need to know it
- only let people with approved logins access it
- check who has accessed information
- keep our buildings safe
- update and check our security systems.
We might get your details from someone else. If we do, we will tell you through:
- this Privacy Policy
- notices
- our staff.
If your personal information is lost or accessed without permission, we will follow our Data Breach Response Plan. We will tell you if it is likely to cause serious harm.
How we use and share your information
We use and share your personal information for the reason we collected it. We tell you why we need it when we collect it or soon after.
We only use and share your information for other reasons if the law allows it.
We may share your information with:
- contracted service providers who give services to us or for us
- other state, territory or Commonwealth government agencies
- professional advisers (for example, lawyers or consultants)
- law enforcement agencies
- courts and tribunals
- ministers, parliamentary staff and committees (who check how we do our work)
- overseas, (with your consent or if the law lets us), for example when we publish information online.
In our Customer Relationship Manager (CRM), we keep a record of your interactions with us. This helps us:
- understand how you interact with us
- understand how you take part in our activities
- improve our help when you contact us
- provide you with information
- engage with you better.
We ask for your consent to record your information in the CRM.
We may share information from the CRM with other Australian agencies that work with us. We only share when necessary and restrict access to those who need it.
We use websites like Facebook, Twitter, LinkedIn, and YouTube to talk with you. These sites have their own privacy policies and may use cookies. Check their websites for more information.
We may share your details with the Department of Prime Minister and Cabinet (PM&C) for shared services.
Website analytics
We use 'cookies' to improve your experience on our site. Our website also uses Google Analytics, which sends data to Google servers in the USA. Google Analytics does not identify you or link your IP address with other data held by Google. We use Google Analytics reports to understand website traffic and usage.
By using this website, you agree to how Google handles your data as explained in their Privacy Policy. You can opt-out of Google Analytics by:
- disabling or refusing cookies
- disabling JavaScript
- using Google's opt-out service
Our website may have links to other websites. We are not responsible for their privacy practices. When you visit other websites, please read their privacy policies.
Accessing and correcting personal information
You have the right to ask for the personal information we hold about you and to ask us to correct it. We will respond within 30 days.
Sometimes, we may not be able to give you access. This can happen if the law says we can't, like under the Freedom of Information Act 1982 (FOI Act). If we refuse, we will tell you why in writing and explain how you can dispute the decision.
To ask for your personal information or to correct it, contact our Privacy Officer at privacy@niaa.gov.au. Talking to our Privacy Officer can help us understand your request better. They may tell you the best way to handle your request, like under the Privacy Act, the FOI Act, or another way.
How to make a privacy complaint
If you are not happy with how we handle your personal information, you can complain to the Privacy Officer.
How to complain:
- write to our Privacy Officer at privacy@niaa.gov.au
- include:
- a short description of your privacy concern
- any actions or dealings with our staff about your concern
- your contact details.
What we will do:
- acknowledge your complaint
- use the information to address your complaint
- update you on the handling of your complaint
- talk to other areas or third parties if needed
- respond within a reasonable time (usually 30 days).
If your complaint involves another department we may:
- ask for more information to decide who should handle it
- refer you to that department or agency
- work with them to respond to your complaint.
Anonymous complaints:
- you can complain anonymously, but it might be hard for us to investigate or respond.
If we can't resolve your complaint:
- you can complain to the Office of the Australian Information Commissioner (OAIC).
How to contact the OAIC:
- online form on the OAIC website
- email: enquiries@oaic.gov.au
- fax: 02 9284 9666
- mail:
Office of the Australian Information Commissioner, Sydney Offices
GPO Box 5218, Sydney NSW 2001
Contacting the Privacy Officer
Contact the NIAA’s Privacy Officer if you want to:
- ask questions about our Privacy Policy or need it in a different format
- get access to or correct your personal information
- make a privacy complaint
How to contact our privacy officer:
- email: privacy@niaa.gov.au
- phone: 02 6152 3080
- mail:
The Privacy Officer, National Indigenous Australians Agency
PO Box 2191, Canberra ACT 2600
Privacy Impact Assessment Report Register
We must do a Privacy Impact Assessment (PIA) for high privacy risk projects.
The below Register lists all NIAA's PIAs done since 1 July 2019.
| Date of Completion | Title of Privacy Impact Assessment |
|---|---|
| June 2020 | NIAA Customer Relationship Management (CRM) Project |
| November 2020 | NIAA Community Development Program Data Project |
| February 2021 | Long-term outcomes for Indigenous participants of employment services programs linked data project |
| May 2021 | NIAA Indigenous Employment Services Programs Data Acquisition Project |
| February 2022 | Remote Engagement Program Trials |
| September 2022 | Privacy Impact Assessment for the Aboriginal Land Grant (Jervis Bay Territory) Amendment (Strengthening Land and Governance Provisions) Bill 2022 |
| May 2023 | Pre-employment screening checks |
| July 2023 | First Nations Tourism Mentoring Program |
| January 2024 | Territories Stolen Generations Redress Scheme |
| July 2024 | Youpla Support Program |
| September 2024 | Indigenous Skills and Employment Program (ISEP) |
| April 2025 | Remote Jobs and Economic Development Program |